by r0t,der4444,cembo,VietMafia

Saturday, December 17, 2005

Baseline CMS vuln.

Baseline CMS vuln.

Vuln. discovered by : r0t
Date: 17 dec. 2005
affected version: 1.95 and prior

Product Description:

Baseline CMS is a powerful, web-based content management system that gives you a fast, easy way to update your website - without having to call a webmaster or learn a programming language. Baseline CMS is an investment in technology that will provide a long-term, highly versatile communication channel with low maintenance costs.

Vuln. Description:

Baseline CMS contains a flaw that allows a remote cross site scripting attack. This flaw exists because input passed to "PageID" "SiteNodeID" in "Page.asp" paremters isn't properly sanitised before being returned to the user.
This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

2.SQL inj.
Baseline CMS contains a flaw that allows a remote sql injection attacks.Input passed to the "SiteNodeID" parameter in "Page.asp" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code



Edit the source code to ensure that input is properly sanitised.


Anonymous Dave McKay told...

Version 2.0 (released in Jan 1006) does not have this issue and we have patched prior versions. Thanks for identifying this.

D. McKay

1:46 AM


Post a Comment

<< Home

Copyright (c) 2006 Pridels Sec Crew